craftrans.com/?a=4768&oc=14224&c=45904&p=r&m=3&s1=clctng1301__6beerf093f424b140e521&s2=ye0re|nT90oJScoN==|glgzm|0r94ta|31pka95|80641|0000rglgzm|S|oTI2pzSxo3V=|MB|1lr5pvd&s3=p3yyAwAwZGSuLGyyZQSyAmOlMGZ=
34.76.75.249302 Found 403 B URL HTTP/1.1 craftrans.com/?a=4768&oc=14224&c=45904&p=r&m=3&s1=clctng1301__6beerf093f424b140e521&s2=ye0re|nT90oJScoN==|glgzm|0r94ta|31pka95|80641|0000rglgzm|S|oTI2pzSxo3V=|MB|1lr5pvd&s3=p3yyAwAwZGSuLGyyZQSyAmOlMGZ=
IP 34.76.75.249:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (331), with CRLF line terminators
Hash c754a582453f27036eacdcdd6c67b6c1
3f968027c8df3a748e7e130c307d60ecbdf0135c
e587d700f52fdf89f0dfd19b2895dc0f11cfbcd73e12ddfbd751f290ffe5f00f
Analyzer Verdict Alert quad9 Sinkholed
GET /?a=4768&oc=14224&c=45904&p=r&m=3&s1=clctng1301__6beerf093f424b140e521&s2=ye0re|nT90oJScoN==|glgzm|0r94ta|31pka95|80641|0000rglgzm|S|oTI2pzSxo3V=|MB|1lr5pvd&s3=p3yyAwAwZGSuLGyyZQSyAmOlMGZ= HTTP/1.1
Host: craftrans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Wed, 18 Jan 2023 23:26:29 GMT
content-type: text/html; charset=utf-8
content-length: 403
cache-control: private
location: https://craftrans.com/?a=4768&oc=14224&c=45904&p=r&m=3&s1=clctng1301__6beerf093f424b140e521&s2=ye0re|nT90oJScoN==|glgzm|0r94ta|31pka95|80641|0000rglgzm|S|oTI2pzSxo3V=|MB|1lr5pvd&s3=p3yyAwAwZGSuLGyyZQSyAmOlMGZ=&ckmguid=3621a5bb-3000-4232-a469-5b0e54358fbe
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 37284a837312d6586460a3b86bbe7bd0
6ac0847abd48eb8607597218aaa2cb2d434c012b
6a0e11bb042555d72b397ae0cc3d5e242d3a3fe04418e28ffd222decca7d16ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A0E11BB042555D72B397AE0CC3D5E242D3A3FE04418E28FFD222DECCA7D16CA"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2473
Expires: Thu, 19 Jan 2023 00:07:42 GMT
Date: Wed, 18 Jan 2023 23:26:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b36ef73c20dffb6bc10194bbd2d0dcfa
a67a4023dc8b4944debaeb92f3ba0f1402c079a6
05a7a4d832cf9e593ca44efea309edcbd80734583bada15fda3e740612eff991
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05A7A4D832CF9E593CA44EFEA309EDCBD80734583BADA15FDA3E740612EFF991"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13466
Expires: Thu, 19 Jan 2023 03:10:55 GMT
Date: Wed, 18 Jan 2023 23:26:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6c8239f3894cfba54d1f3a9ea1c85db5
a70f2b3bf79f2aa26b0cc0340dd182565c3eb946
64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4010
Expires: Thu, 19 Jan 2023 00:33:19 GMT
Date: Wed, 18 Jan 2023 23:26:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 18 Jan 2023 22:49:23 GMT
content-type: application/json
age: 2226
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tAB9Rt1zL8KxUTy5uuAGReZtGaFvoh8J5sdrX8Y3y6h33Y2UMGMyLWqcUiHi7T1pJ2GoaE3sCe4=
x-amz-request-id: 8DWGQ347DCZ1FGEB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 18 Jan 2023 22:45:37 GMT
age: 2452
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 23:26:29 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 22ba30ae41df15a02d5dd24db77aed11
940bb6abc91c75e2c53d12307d020f21324b0524
10cdecd5f21027c30397e0f6abf7eb3e005eba380c62112c9b01a54dfa5ce706
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 23:26:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 22 Jan 2023 22:39:27 GMT
ETag: "940bb6abc91c75e2c53d12307d020f21324b0524"
Last-Modified: Wed, 18 Jan 2023 22:39:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bb188bed9cb500-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 18 Jan 2023 23:17:25 GMT
age: 545
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
craftrans.com/?a=4768&oc=14224&c=45904&p=r&m=3&s1=clctng1301__6beerf093f424b140e521&s2=ye0re|nT90oJScoN==|glgzm|0r94ta|31pka95|80641|0000rglgzm|S|oTI2pzSxo3V=|MB|1lr5pvd&s3=p3yyAwAwZGSuLGyyZQSyAmOlMGZ=&ckmguid=3621a5bb-3000-4232-a469-5b0e54358fbe
34.76.75.249302 Found 210 B URL HTTP/1.1 craftrans.com/?a=4768&oc=14224&c=45904&p=r&m=3&s1=clctng1301__6beerf093f424b140e521&s2=ye0re|nT90oJScoN==|glgzm|0r94ta|31pka95|80641|0000rglgzm|S|oTI2pzSxo3V=|MB|1lr5pvd&s3=p3yyAwAwZGSuLGyyZQSyAmOlMGZ=&ckmguid=3621a5bb-3000-4232-a469-5b0e54358fbe
IP 34.76.75.249:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 05e731edcbecdb7979fdf773b7bae84e
ebe84433ca9f7d9a65331af4ee9300303d4d84a3
4c9e8ca681451e046dbb2236e6574a7c1750c0a3cfd3cc5890aa03435432fa72
Analyzer Verdict Alert quad9 Sinkholed
GET /?a=4768&oc=14224&c=45904&p=r&m=3&s1=clctng1301__6beerf093f424b140e521&s2=ye0re|nT90oJScoN==|glgzm|0r94ta|31pka95|80641|0000rglgzm|S|oTI2pzSxo3V=|MB|1lr5pvd&s3=p3yyAwAwZGSuLGyyZQSyAmOlMGZ=&ckmguid=3621a5bb-3000-4232-a469-5b0e54358fbe HTTP/1.1
Host: craftrans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
date: Wed, 18 Jan 2023 23:26:30 GMT
content-type: text/html; charset=utf-8
content-length: 210
cache-control: private
location: https://ideal.get-leads.xyz/click?pid=4726&offer_id=5242&sub2=289678948&sub4=4768
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie: som=L/Z2MDGc9R7oagsfzR6WDE7xyoYbyWtj2bI2WU7F0/2IKV5XSf1kMg==; domain=.craftrans.com; path=/; HttpOnly
tm=ssEcX0jam/euTO/RtDBaUE7xyoYbyWtj2bI2WU7F0/2IKV5XSf1kMg==; domain=.craftrans.com; expires=Sat, 18-Jan-2025 23:26:30 GMT; path=/; HttpOnly
c14175=L/Z2MDGc9R7Lgmny2e2mH2wG8RIJfDcp/0an4vPfS5dgfAQaRmrLOg==; domain=.craftrans.com; expires=Fri, 17-Feb-2023 23:26:30 GMT; path=/; HttpOnly
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 79af32d8e279b4cfec147ab51cb6fcb3
d726903292bd1e08a6d9fe0719d2cd5b33dc5fe6
bfcb2d8f14d89736ac6b771f1618a8fc5e707691d60807a574fb719c8e9393ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5518
Cache-Control: max-age=126736
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:30 GMT
Etag: "63c7b6a8-1d7"
Expires: Fri, 20 Jan 2023 10:38:46 GMT
Last-Modified: Wed, 18 Jan 2023 09:06:48 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 1d2ef7589f2c00360a2c6a355660d138
b31f54e0823ddae2a3d2789fdbd65c07731e7e0c
7406a4dab89ed03af94706f3d1175c016b3be7cfed3470feef294648ce67b468
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 23:26:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 17 Jan 2023 21:44:54 GMT
Expires: Tue, 24 Jan 2023 21:44:53 GMT
Etag: "b31f54e0823ddae2a3d2789fdbd65c07731e7e0c"
Cache-Control: max-age=511702,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78bb188fd91eb51b-OSL
ideal.get-leads.xyz/click?pid=4726&offer_id=5242&sub2=289678948&sub4=4768
34.90.46.36302 Found 0 B URL HTTP/2 ideal.get-leads.xyz/click?pid=4726&offer_id=5242&sub2=289678948&sub4=4768
IP 34.90.46.36:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=4726&offer_id=5242&sub2=289678948&sub4=4768 HTTP/1.1
Host: ideal.get-leads.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Wed, 18 Jan 2023 23:26:30 GMT
content-length: 0
location: https://pansen-infichel.com/a757149c-fd88-4a9b-9a99-827e6ad49ebc?var1=4726&var2=4768&var3=&var4=&clickid=63c8802692b78b00011334d9
x-adjust-use-original-forwarded-for: 1
referer:
referrer-policy: no-referrer
set-cookie: afclick=63c8802692b78b00011334d9; expires=Thu, 18 Jan 2024 23:26:30 GMT; secure; SameSite=None
afoffers={"5242":1674084390}; expires=Thu, 18 Jan 2024 23:26:30 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
pansen-infichel.com/a757149c-fd88-4a9b-9a99-827e6ad49ebc?var1=4726&var2=4768&var3=&var4=&clickid=63c8802692b78b00011334d9
18.194.134.212302 Found 0 B URL HTTP/2 pansen-infichel.com/a757149c-fd88-4a9b-9a99-827e6ad49ebc?var1=4726&var2=4768&var3=&var4=&clickid=63c8802692b78b00011334d9
IP 18.194.134.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a757149c-fd88-4a9b-9a99-827e6ad49ebc?var1=4726&var2=4768&var3=&var4=&clickid=63c8802692b78b00011334d9 HTTP/1.1
Host: pansen-infichel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Wed, 18 Jan 2023 23:26:30 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://ideal.get-leads.xyz/click?pid=888&offer_id=5755&sub2=wmr287059kd1rf0m28atkq9s&sub4=4726
pragma: no-cache
set-cookie: a757149c-fd88-4a9b-9a99-827e6ad49ebc-v4=qxkMlTAegpjdp4P1pqjAkVHOeBI9sEbfVV6OKh1pxp8; Max-Age=86400; Expires=Thu, 19-Jan-2023 23:26:30 GMT; Domain=pansen-infichel.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=yyPHjMUej0Zi1RRYP%2B4b%2BEcf8amTnDHeE%2B0eaqSix1W1b4jczRsSor3jT6Y1SDY4mVqwbqnNd5plM%2Fi9Uo%2F%2BhiMqQ02gtbP%2FO2j8qWrnhZVd1cW0ZwGmINoAypW51QR6XAEEGnrrfTtSN%2Bcmsj%2FIdQ%3D%3D; Max-Age=31536000; Expires=Thu, 18-Jan-2024 23:26:30 GMT; Domain=pansen-infichel.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.200.156.146101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.156.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XhmvNb7S8hrcEWOjz+jMxg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PWom22+6BLS5ryEhorZaCn1sFTs=
ideal.get-leads.xyz/click?pid=888&offer_id=5755&sub2=wmr287059kd1rf0m28atkq9s&sub4=4726
34.90.46.36302 Found 0 B URL HTTP/2 ideal.get-leads.xyz/click?pid=888&offer_id=5755&sub2=wmr287059kd1rf0m28atkq9s&sub4=4726
IP 34.90.46.36:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=888&offer_id=5755&sub2=wmr287059kd1rf0m28atkq9s&sub4=4726 HTTP/1.1
Host: ideal.get-leads.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: afclick=63c8802692b78b00011334d9; afoffers={"5242":1674084390}
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 18 Jan 2023 23:26:30 GMT
content-length: 0
location: https://track.soltrk.com/aff_c?offer_id=4398&aff_id=2312&url_id=51228&aff_sub=888_4726&aff_click_id=63c8802648e70a0001937398
x-adjust-use-original-forwarded-for: 1
referer:
referrer-policy: no-referrer
set-cookie: afclick=63c8802648e70a0001937398; expires=Thu, 18 Jan 2024 23:26:30 GMT; secure; SameSite=None
afoffers={"5242":1674084390,"5755":1674084390}; expires=Thu, 18 Jan 2024 23:26:30 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 7aa81d469fe907f470782bfcfd253dc2
30a35518e6dc3133fb4273faccbb3f3f91bb0bb8
24fd32d9ce4bc473bc18e22b1b09273e5cfeea28539c91268adcacb0a3af6332
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 18 Jan 2023 23:26:31 GMT
Server: ECS (dcb/7EEF)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fNbgK2kzdZ_1mDAJ6ss0gBd9wBdzIiSHD2pRGEO1LQQk7U6qDjEH3w==
track.soltrk.com/aff_c?offer_id=4398&aff_id=2312&url_id=51228&aff_sub=888_4726&aff_click_id=63c8802648e70a0001937398
63.34.19.61302 Found 298 B URL HTTP/1.1 track.soltrk.com/aff_c?offer_id=4398&aff_id=2312&url_id=51228&aff_sub=888_4726&aff_click_id=63c8802648e70a0001937398
IP 63.34.19.61:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash df61d015e8ff3a062729ff7708384808
c7ae06284f7059af23685bc30ce536f9b2c8c08f
3df8ab40041a58f9e1bf2d1526f9d2af0be48bd48228657928160e1ff32f88d3
GET /aff_c?offer_id=4398&aff_id=2312&url_id=51228&aff_sub=888_4726&aff_click_id=63c8802648e70a0001937398 HTTP/1.1
Host: track.soltrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 18 Jan 2023 23:26:31 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 298
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://www.matchklubb.com/landing6?cat=default&pt1=102385fd1fde9315c977067b0495b3&pi=2312&pe=888_4726
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_4398=51228; expires=Thu, 19 Jan 2023 23:26:31 GMT; path=/; SameSite=None; Secure
enc_aff_session_4398=ENC030fab6f5461a4acfdf0aa516aba2b0f8b719589c04edbcbf8382f5af356e0d06415ab66e096fd3051ddbe047db9b13e3c1a402d3320eed7681ea1d97f4694056996486f74174dad0ee4ce295cc51b6f764b20c36a2fac2ad29393677f18f21eae6110457a086d4626ae762fada1446b3c8ac82ffc601483736fdb5e90779b9a97b73653991cc4dbc93478871cf825739bf78c848efe426a4eff6d84cde55741ea2988021c; expires=Sat, 18 Feb 2023 23:26:31 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sat, 13 Dec 2025 10:06:31 GMT; path=/; SameSite=None; Secure
Tracking_id: 102385fd1fde9315c977067b0495b3
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: cbf132b2eebe9650c12b9c078bbe50a4
Access-Control-Allow-Headers: Tune-SDK-Version
ocsp.pki.goog/s/gts1d4/uTNc5Bn_Sl0
216.58.207.195200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/uTNc5Bn_Sl0
IP 216.58.207.195:0
Hash b90f1b78720c6f0e4bdacb9412c33722
ffe2f956d8628953ea08172566b2272068beea84
b163f02284aee54e0012a2d8fcd5f04aec6549ca98ea5948801f65a3f35e9ded
POST /s/gts1d4/uTNc5Bn_Sl0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9503
Expires: Thu, 19 Jan 2023 02:04:54 GMT
Date: Wed, 18 Jan 2023 23:26:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9503
Expires: Thu, 19 Jan 2023 02:04:54 GMT
Date: Wed, 18 Jan 2023 23:26:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9503
Expires: Thu, 19 Jan 2023 02:04:54 GMT
Date: Wed, 18 Jan 2023 23:26:31 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/uTNc5Bn_Sl0
216.58.207.195200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/uTNc5Bn_Sl0
IP 216.58.207.195:0
Hash b90f1b78720c6f0e4bdacb9412c33722
ffe2f956d8628953ea08172566b2272068beea84
b163f02284aee54e0012a2d8fcd5f04aec6549ca98ea5948801f65a3f35e9ded
POST /s/gts1d4/uTNc5Bn_Sl0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa848e8c9-5ea8-4948-a3e7-109001ff6cba.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa848e8c9-5ea8-4948-a3e7-109001ff6cba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13457311f170ebcd637e77aa48873488
a51ef5eb01736824f382541c5a4ad025ae35c09e
f57f95cc9f18b2e41951f1fcd9c278ca0f522e98dbf57aeb4c59b4b59deeb605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa848e8c9-5ea8-4948-a3e7-109001ff6cba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6235
x-amzn-requestid: 919a5e9d-11c0-4b12-a718-f5a256f4fda2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3RXBG8xoAMFW1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5fc2c-2398fc8910eb707e4c15b416;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 01:38:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MKOZeVCOBgny84FGH7fem1LQnV756ylBS2sGbZSdTpJQ2TNM2qJKFQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:54:10 GMT
age: 5541
etag: "a51ef5eb01736824f382541c5a4ad025ae35c09e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76af8d19-4a05-460d-a524-bb2b3c3953fa.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76af8d19-4a05-460d-a524-bb2b3c3953fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96a47a24ef363784de868a15fc60c7ac
b1b57ae6a1e9a8aacf00c54b07cfa2971f0bafdb
ec788e13d652db77adb67e597a120df9e83d52d5eec75bee0f1b25b680d01d6e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76af8d19-4a05-460d-a524-bb2b3c3953fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7246
x-amzn-requestid: 5004aed5-9fe7-494c-bf60-7128ade12dfa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eph5yFH1oAMF-FQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c07d0b-6a9e5d35623bee671a840841;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:35:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZsiikjMB5MaIlztwTv3BnezWmPQBeev945OUM5t6RctbePryOBAjUA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 13:58:32 GMT
age: 34079
etag: "b1b57ae6a1e9a8aacf00c54b07cfa2971f0bafdb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9503
Expires: Thu, 19 Jan 2023 02:04:54 GMT
Date: Wed, 18 Jan 2023 23:26:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa13fdc43-f169-4fe6-a14b-6ed62c4d08cc.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa13fdc43-f169-4fe6-a14b-6ed62c4d08cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7817aa566a3271f82153811b756bb90f
6be8688f3b8d2f053afed5c09d00e71ad9210258
1ec4a11d1598683001714eb1a130c5ba96c37aef0e43623a17780f848543b1c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa13fdc43-f169-4fe6-a14b-6ed62c4d08cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7864
x-amzn-requestid: 932e4550-d62d-448d-b60d-d3c62944c86c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fnEEVOIAMFZcA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c612f9-0977cfca7fe22f83168e5d9e;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rcBwm967yrKleLXr5OzF8SynTLuZIXY85zeUwRyCP56tAt5ChjIapg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 03:43:10 GMT
age: 71001
etag: "6be8688f3b8d2f053afed5c09d00e71ad9210258"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b8f931fb5afe958e67fce9e1822dac4
5732887999b819f6facc6f4608a407b5a09adf75
3c6c787e700f8139ec0eeaad93923f647f9efa5ce60120fc0aab52fa9588efaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5005
x-amzn-requestid: 647dd62e-6b47-4298-9457-c7f37e653e0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e5qLKEX6IAMFX0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c6f0ad-3dc1396c1b3662fa4ec5f1fa;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 19:02:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oi7K1Z45sral6ne0AsNTVD5vGc4WbZ7acJoq--4NFhN_f2z-xq7pWQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:55:43 GMT
etag: "5732887999b819f6facc6f4608a407b5a09adf75"
content-type: image/jpeg
age: 5448
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F615cf6b9-e57f-4dcf-bca2-b5aeba183614.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F615cf6b9-e57f-4dcf-bca2-b5aeba183614.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e0f36db43000ee8718540e4ec34325ac
32f41d8c68360497d71759129e405cb8ed090f9d
1e5d849d9d34c09decf7fc1fcd7bb0693b68ebe131b1cc1f6c0817739fb28ef1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F615cf6b9-e57f-4dcf-bca2-b5aeba183614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5606
x-amzn-requestid: 472979c3-6608-4699-ae77-738702a61c15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3f6aGD0oAMFkhA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61375-2395cd554f19b2bd3f3c0a5b;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:18:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lQtXdsn4UDF60M3LVpC-XIvsQJTnenmc0jXzlhKo_qZCnCugbokZiQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 06:06:40 GMT
age: 62391
etag: "32f41d8c68360497d71759129e405cb8ed090f9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: W3gicI1_ALnHebi1fvSS8kaD5nF01zxDWcMWrIdUV_Xq_GGZeyajtg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 03:44:19 GMT
age: 70932
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 472 B IP 216.58.207.195:0
Hash 532289832b1f21cd9014c904ca0a1ad6
16b0dbd03283cf8a80316e49ab0a0299fd237d99
e0b0758c8bea976e4963c7ca91cc223d9b68f1e45048dd9d5cce73c9f20a08a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 472 B IP 216.58.207.195:0
Hash 532289832b1f21cd9014c904ca0a1ad6
16b0dbd03283cf8a80316e49ab0a0299fd237d99
e0b0758c8bea976e4963c7ca91cc223d9b68f1e45048dd9d5cce73c9f20a08a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/enterprise.js
142.250.74.132200 OK 585 B URL HTTP/2 www.google.com/recaptcha/enterprise.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (940), with no line terminators
Hash acfb1617b94a29e1e755d26449f160eb
24245369ceaf200f182ed7ed80c4fb98fa040417
650aaf058c11fc85d5d018ebdcff80293a37f179ee48124711bc408e42a9cd01
GET /recaptcha/enterprise.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.matchklubb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 18 Jan 2023 23:26:32 GMT
date: Wed, 18 Jan 2023 23:26:32 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s
142.250.74.132200 OK 616 B URL HTTP/2 www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s
IP 142.250.74.132:0
File type ASCII text, with very long lines (974), with no line terminators
Hash f2a039fba47671365ba5ab074f0fbc86
7b8ee84163976be897dbb199fdbd6e58ffb57488
1f70fb3dd51890ba70b0e7b2a3684d722f7b3dadbb54bf777f298d7bc739de05
GET /recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.matchklubb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 18 Jan 2023 23:26:32 GMT
date: Wed, 18 Jan 2023 23:26:32 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 616
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 472 B IP 216.58.207.195:0
Hash 96932e7ee122dfbe89a87a0265f8bf94
a260e5fb88fa73efaedcd7880f4bfea7acf44fbb
e806134fe3187494ab16df5a777bb4d7b8d0a8c400b542a5414b63c7ef3ac3e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 2.8 kB IP 216.58.207.195:0
File type gzip compressed data, from Unix\012- data
Hash c8fe3f990d36a1e78ce0537b284b4842
b0135770f819f95c50084d9c4509eaccc1b2e700
4db62eff991332db842477eeb24f49bfa4531078774cee79a30696d2602741d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 471 B IP 216.58.207.195:0
Hash db72b0cf36b635e3c0825b954e3f0571
f0f3d97119b058f86553062c835f89b1b283945d
bf6ecaa45a5dbd66d0c657e5f33345ac46bdc94d8cae1274fcaf01c0ff302b97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js
142.250.74.35200 OK 208 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js
IP 142.250.74.35:0
File type Unicode text, UTF-8 text, with very long lines (48257)
Size 208 kB (207822 bytes)
Hash a40b52f5bc047b534220d8fb1d5ebe13
b6d7ac20d94feba94454c25fc67cefd24305f52c
f6231a90acbdae2846411374fe770e5e1c7cfd7faf6c1e4f5b34ab82f9eeb4b9
GET /recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.matchklubb.com/
Origin: https://www.matchklubb.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162972
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 12:50:29 GMT
expires: Thu, 18 Jan 2024 12:50:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jan 2023 00:08:35 GMT
content-type: text/javascript
age: 38163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/0Bi_EIxXY-Q
216.58.207.195200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/0Bi_EIxXY-Q
IP 216.58.207.195:0
Hash 1e12b89530d5496d95de01a24d7f7677
2f3c2928126431c28514c901a26faaabac0b77c1
9efaff4d5a8dba3414cf5f1efd2bd2b8742d2a18baa48b20d9d3c7545338adea
POST /s/gts1d4/0Bi_EIxXY-Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
landers.cdnware.io/media-registry.js
35.227.234.99200 OK 114 kB URL HTTP/2 landers.cdnware.io/media-registry.js
IP 35.227.234.99:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 114 kB (113724 bytes)
Hash b2e64b988b0bb0273793f6605a0d2113
f31c686eeb5e2261b5771c33238e8c2187920eb1
e55ff5d761ec1e0375befb025ff96543a8b42338ac5df1e7452b13783717bc38
GET /media-registry.js HTTP/1.1
Host: landers.cdnware.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.matchklubb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvdoPAC4hJHRw1VSoWhKLfA56OWEbidtAOMU3Q-SonjI_B7zIVtAin5jVAtW89ATRuIDWAXCvLlHJ13zKXG2dAPOA
x-goog-generation: 1673973397290497
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 113724
x-goog-hash: crc32c=YBHCkg==, md5=suZLmIsLsCc3k/ZgWg0hEw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 113724
server: UploadServer
date: Wed, 18 Jan 2023 22:38:01 GMT
expires: Wed, 18 Jan 2023 23:38:01 GMT
cache-control: public, max-age=3600
age: 2911
last-modified: Tue, 17 Jan 2023 16:36:37 GMT
etag: "b2e64b988b0bb0273793f6605a0d2113"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/0Bi_EIxXY-Q
216.58.207.195200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/0Bi_EIxXY-Q
IP 216.58.207.195:0
Hash 1e12b89530d5496d95de01a24d7f7677
2f3c2928126431c28514c901a26faaabac0b77c1
9efaff4d5a8dba3414cf5f1efd2bd2b8742d2a18baa48b20d9d3c7545338adea
POST /s/gts1d4/0Bi_EIxXY-Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/8e5IAkxIytU
216.58.207.195200 OK 21 kB URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/8e5IAkxIytU
IP 216.58.207.195:0
File type gzip compressed data, from Unix\012- data
Hash e22b408713f011cc150e512ab7ea826d
66283f58e293160ba2059e1d576235e6e9d53701
8dc7e244516cdafb18548ec1917c4f2fa802ab52dabf88aa435ab3e9ea9baacb
POST /s/gts1d4/8e5IAkxIytU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
samlesamtykke.com/cc.js?wId=3OyELzKwTlaIQ30ABrpKOA&domain=matchklubb.com&languageCode=nb&languageTerritory=NO&sessionId=a808899d598c44d3a4b56c2043f36b27
35.195.163.35200 OK 14 kB URL HTTP/2 samlesamtykke.com/cc.js?wId=3OyELzKwTlaIQ30ABrpKOA&domain=matchklubb.com&languageCode=nb&languageTerritory=NO&sessionId=a808899d598c44d3a4b56c2043f36b27
IP 35.195.163.35:0
Hash dff8423aee18a129fb9cdbbd89ac2aa3
6f7943fb4df3a39210667686840e8383b57ff843
aa2072f45ea4dd8899da7330140506144ef636c04d2c5ff27880d870ac10bc9d
GET /cc.js?wId=3OyELzKwTlaIQ30ABrpKOA&domain=matchklubb.com&languageCode=nb&languageTerritory=NO&sessionId=a808899d598c44d3a4b56c2043f36b27 HTTP/1.1
Host: samlesamtykke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.matchklubb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 18 Jan 2023 23:26:32 GMT
content-type: application/javascript
content-length: 14074
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
static.dating/lander/translations/nb-no2.json
35.227.221.175200 OK 203 kB URL HTTP/2 static.dating/lander/translations/nb-no2.json
IP 35.227.221.175:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (618)
Size 203 kB (202902 bytes)
Hash e26f3fd97631912538a7d43e6a1032eb
149f5a00e056aea9217bb3939b3c46c178806fc0
3af68f688ddca0bb774c7dc18369c212d4bc54b9b9dcce3368caef003118a284
GET /lander/translations/nb-no2.json HTTP/1.1
Host: static.dating
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.matchklubb.com/
Origin: https://www.matchklubb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduRF4uGyPZJdnoN5XCdJ9MMsYBtkcc1KfxwZq67hmfd2WnqmtUXOGViNYXDrZg3UApTMPWldXwIp6houfp3eHFoRk_19DRU
x-goog-generation: 1670251258871129
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 202902
x-goog-hash: crc32c=G4wZoA==, md5=4m8/2XYxkSU4p9Q+ahAy6w==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 202902
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 18 Jan 2023 22:59:58 GMT
expires: Wed, 18 Jan 2023 23:59:58 GMT
cache-control: public, max-age=3600
age: 1594
last-modified: Mon, 05 Dec 2022 14:40:58 GMT
etag: "e26f3fd97631912538a7d43e6a1032eb"
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/8e5IAkxIytU
216.58.207.195200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/8e5IAkxIytU
IP 216.58.207.195:0
Hash 558a41481ce4e435334f4a7387143628
8de567dee0b96a1c336d3f39fdd71b80a1b3bac5
dec5be5fa287cb8b32557e30d467d2da1057ec83186147d4a34aa0c310cf5459
POST /s/gts1d4/8e5IAkxIytU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.matchklubb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 18 Jan 2023 21:45:20 GMT
expires: Wed, 18 Jan 2023 23:45:20 GMT
cache-control: public, max-age=7200
age: 6072
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 472 B IP 216.58.207.195:0
Hash 783c01fa14ade2316e22ead869b3dbf8
71e20a947b3a9e10cb2bf046e2ca3da294d97f70
9b0aee93ad83dd0c14a106a2514b86ab950b2fc679596fd621841242b5c7e95c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j99&a=329899694&t=pageview&_s=1&dl=https%3A%2F%2Fwww.matchklubb.com%2Flanding6%3Fcat%3Ddefault%26pt1%3D102385fd1fde9315c977067b0495b3%26pi%3D2312%26pe%3D888_4726&ul=en-us&de=UTF-8&dt=matchklubb.com&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=535397420&gjid=1972357489&cid=248820529.1674084393&tid=UA-132064855-2&_gid=1228182649.1674084393&_r=1&_slc=1&z=1590274281
142.250.74.46200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=329899694&t=pageview&_s=1&dl=https%3A%2F%2Fwww.matchklubb.com%2Flanding6%3Fcat%3Ddefault%26pt1%3D102385fd1fde9315c977067b0495b3%26pi%3D2312%26pe%3D888_4726&ul=en-us&de=UTF-8&dt=matchklubb.com&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=535397420&gjid=1972357489&cid=248820529.1674084393&tid=UA-132064855-2&_gid=1228182649.1674084393&_r=1&_slc=1&z=1590274281
IP 142.250.74.46:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j99&a=329899694&t=pageview&_s=1&dl=https%3A%2F%2Fwww.matchklubb.com%2Flanding6%3Fcat%3Ddefault%26pt1%3D102385fd1fde9315c977067b0495b3%26pi%3D2312%26pe%3D888_4726&ul=en-us&de=UTF-8&dt=matchklubb.com&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=535397420&gjid=1972357489&cid=248820529.1674084393&tid=UA-132064855-2&_gid=1228182649.1674084393&_r=1&_slc=1&z=1590274281 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.matchklubb.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.matchklubb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.matchklubb.com
date: Wed, 18 Jan 2023 23:26:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=329899694&t=pageview&_s=1&dl=https%3A%2F%2Fwww.matchklubb.com%2Flanding6%3Fcat%3Ddefault%26pt1%3D102385fd1fde9315c977067b0495b3%26pi%3D2312%26pe%3D888_4726&ul=en-us&de=UTF-8&dt=matchklubb.com&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEDAAEABAAAAACAAI~&jid=1268113654&gjid=563432683&cid=248820529.1674084393&tid=UA-132064855-5&_gid=1228182649.1674084393&_r=1&_slc=1&z=1734876568
142.250.74.46200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=329899694&t=pageview&_s=1&dl=https%3A%2F%2Fwww.matchklubb.com%2Flanding6%3Fcat%3Ddefault%26pt1%3D102385fd1fde9315c977067b0495b3%26pi%3D2312%26pe%3D888_4726&ul=en-us&de=UTF-8&dt=matchklubb.com&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEDAAEABAAAAACAAI~&jid=1268113654&gjid=563432683&cid=248820529.1674084393&tid=UA-132064855-5&_gid=1228182649.1674084393&_r=1&_slc=1&z=1734876568
IP 142.250.74.46:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j99&a=329899694&t=pageview&_s=1&dl=https%3A%2F%2Fwww.matchklubb.com%2Flanding6%3Fcat%3Ddefault%26pt1%3D102385fd1fde9315c977067b0495b3%26pi%3D2312%26pe%3D888_4726&ul=en-us&de=UTF-8&dt=matchklubb.com&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEDAAEABAAAAACAAI~&jid=1268113654&gjid=563432683&cid=248820529.1674084393&tid=UA-132064855-5&_gid=1228182649.1674084393&_r=1&_slc=1&z=1734876568 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.matchklubb.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.matchklubb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.matchklubb.com
date: Wed, 18 Jan 2023 23:26:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 21:48:03 GMT
expires: Fri, 12 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 524309
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 16:40:43 GMT
expires: Fri, 12 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 542749
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
samlesamtykke.com/cc.css
35.195.163.35200 OK 3.9 kB IP 35.195.163.35:0
File type assembler source, ASCII text
Hash 594c3c757e637b29a91f9ded0113b707
2c04f908c419910a88bd5fca0e8e0f70b612834f
98c9c36b6b36127768c2156ffec51625b0f8dea705b02522c9db50ca6073098c
GET /cc.css HTTP/1.1
Host: samlesamtykke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.matchklubb.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 18 Jan 2023 23:26:33 GMT
content-type: text/css
content-length: 3892
last-modified: Thu, 15 Oct 2020 08:07:25 GMT
etag: "6073-5b1b123761e40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
api.samlesamtykke.com/consent/collector
35.195.163.35200 OK 0 B URL HTTP/2 api.samlesamtykke.com/consent/collector
IP 35.195.163.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /consent/collector HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.matchklubb.com/
Origin: https://www.matchklubb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 18 Jan 2023 23:26:33 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.matchklubb.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 472 B IP 216.58.207.195:0
Hash efac8d32469e6807b1b1f2916a47edf1
68d91e7af565f1cf6597bcdd642a78dbada50a8d
22639289563bb576a7c20b9c733bdd7f98c41519fdddeef0d710f0d058c5bf88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 472 B IP 216.58.207.195:0
Hash efac8d32469e6807b1b1f2916a47edf1
68d91e7af565f1cf6597bcdd642a78dbada50a8d
22639289563bb576a7c20b9c733bdd7f98c41519fdddeef0d710f0d058c5bf88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-2&cid=248820529.1674084393&jid=535397420&gjid=1972357489&_gid=1228182649.1674084393&_u=IEBAAEAAAAAAACAAI~&z=1665986326
108.177.14.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-2&cid=248820529.1674084393&jid=535397420&gjid=1972357489&_gid=1228182649.1674084393&_u=IEBAAEAAAAAAACAAI~&z=1665986326
IP 108.177.14.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-2&cid=248820529.1674084393&jid=535397420&gjid=1972357489&_gid=1228182649.1674084393&_u=IEBAAEAAAAAAACAAI~&z=1665986326 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.matchklubb.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.matchklubb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.matchklubb.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 18 Jan 2023 23:26:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-5&cid=248820529.1674084393&jid=1268113654&gjid=563432683&_gid=1228182649.1674084393&_u=IEDAAEABAAAAACAAI~&z=1515613765
108.177.14.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-5&cid=248820529.1674084393&jid=1268113654&gjid=563432683&_gid=1228182649.1674084393&_u=IEDAAEABAAAAACAAI~&z=1515613765
IP 108.177.14.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-5&cid=248820529.1674084393&jid=1268113654&gjid=563432683&_gid=1228182649.1674084393&_u=IEDAAEABAAAAACAAI~&z=1515613765 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.matchklubb.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.matchklubb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.matchklubb.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 18 Jan 2023 23:26:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.samlesamtykke.com/consent/collector
35.195.163.35200 OK 4.4 kB URL HTTP/2 api.samlesamtykke.com/consent/collector
IP 35.195.163.35:0
File type JSON data\012- , ASCII text, with very long lines (4373), with no line terminators
Hash 2ffa4c2f3bd7e26ebded202231bce4c1
fb1fc5705d3041957a7df102d29d89c416f52a13
6e19439d54a9275e3edc54ada433895ba01ea8ffe9a4df1ebefba9d19461ecf5
POST /consent/collector HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.matchklubb.com/
Content-Type: application/json
Content-Length: 168
Origin: https://www.matchklubb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 18 Jan 2023 23:26:33 GMT
content-type: application/vnd.api+json
content-length: 4373
access-control-allow-origin: https://www.matchklubb.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 472 B IP 216.58.207.195:0
Hash efac8d32469e6807b1b1f2916a47edf1
68d91e7af565f1cf6597bcdd642a78dbada50a8d
22639289563bb576a7c20b9c733bdd7f98c41519fdddeef0d710f0d058c5bf88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.samlesamtykke.com/consent/loadSegment
35.195.163.35200 OK 0 B URL HTTP/2 api.samlesamtykke.com/consent/loadSegment
IP 35.195.163.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /consent/loadSegment HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.matchklubb.com/
Origin: https://www.matchklubb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 18 Jan 2023 23:26:33 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.matchklubb.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 471 B IP 216.58.207.195:0
Hash 558ca082e2b49b22ae356cf10b191c68
c3956046019b64bc525381a4ab7f0c70002b5b17
862dfa54857c199a1d5450b0b07d8fcc3e2702476e7a0938b3d34e2fab332af3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.samlesamtykke.com/consent/loadSegment
35.195.163.35200 OK 284 B URL HTTP/2 api.samlesamtykke.com/consent/loadSegment
IP 35.195.163.35:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with no line terminators
Hash 3b5b46131cac937efb3f56e11e0412a9
58ce0cff3be7080200e85206df18f1cd5d6c4841
4927caed672e4a6ab0dec07adfb90e5c15213e562a6873e0943699d82cca467e
POST /consent/loadSegment HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.matchklubb.com/
Content-Type: application/json
Content-Length: 223
Origin: https://www.matchklubb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 18 Jan 2023 23:26:33 GMT
content-type: application/vnd.api+json
content-length: 284
access-control-allow-origin: https://www.matchklubb.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-132064855-5&cid=248820529.1674084393&jid=1268113654&_u=IEDAAEABAAAAACAAI~&z=625457367
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-132064855-5&cid=248820529.1674084393&jid=1268113654&_u=IEDAAEABAAAAACAAI~&z=625457367
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-132064855-5&cid=248820529.1674084393&jid=1268113654&_u=IEDAAEABAAAAACAAI~&z=625457367 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.matchklubb.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 23:26:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.207.195200 OK 471 B IP 216.58.207.195:0
Hash 558ca082e2b49b22ae356cf10b191c68
c3956046019b64bc525381a4ab7f0c70002b5b17
862dfa54857c199a1d5450b0b07d8fcc3e2702476e7a0938b3d34e2fab332af3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 23:26:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.samlesamtykke.com/consent/loadSegment
35.195.163.35200 OK 360 B URL HTTP/2 api.samlesamtykke.com/consent/loadSegment
IP 35.195.163.35:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (357), with no line terminators
Hash b81ec878e5adcd0863faef7e7e6fe44a
faed2737ec33732d35c72dd8032da0c3a925ea0d
d4e02dfa1bd03cd275a801d83acadb1c3fdaced7f6ff26abdf36addaeda5d714
POST /consent/loadSegment HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.matchklubb.com/
Content-Type: application/json
Content-Length: 224
Origin: https://www.matchklubb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 18 Jan 2023 23:26:33 GMT
content-type: application/vnd.api+json
content-length: 360
access-control-allow-origin: https://www.matchklubb.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
api.samlesamtykke.com/consent/confirmExplicit
35.195.163.35200 OK 0 B URL HTTP/2 api.samlesamtykke.com/consent/confirmExplicit
IP 35.195.163.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /consent/confirmExplicit HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.matchklubb.com/
Origin: https://www.matchklubb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 18 Jan 2023 23:26:33 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.matchklubb.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
api.samlesamtykke.com/consent/confirmExplicit
35.195.163.35200 OK 0 B URL HTTP/2 api.samlesamtykke.com/consent/confirmExplicit
IP 35.195.163.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /consent/confirmExplicit HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.matchklubb.com/
Content-Type: application/json
Content-Length: 547
Origin: https://www.matchklubb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Wed, 18 Jan 2023 23:26:33 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.matchklubb.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.matchklubb.com/landing6?cat=default&pt1=102385fd1fde9315c977067b0495b3&pi=2312&pe=888_4726
34.160.156.109200 OK 0 B URL HTTP/2 www.matchklubb.com/landing6?cat=default&pt1=102385fd1fde9315c977067b0495b3&pi=2312&pe=888_4726
IP 34.160.156.109:0
GET /landing6?cat=default&pt1=102385fd1fde9315c977067b0495b3&pi=2312&pe=888_4726 HTTP/1.1
Host: www.matchklubb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 18 Jan 2023 23:26:31 GMT
server: nginx/1.14.2
content-type: text/html;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: matchklubb.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 5571528
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2